{"type":"TYPE_SECURITY","shortCode":"RL","name":"RLSA-2024:4583","synopsis":"Important: kernel security update","severity":"SEVERITY_IMPORTANT","topic":"An update is available for kernel.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list","description":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)\n\n* kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548)\n\n* kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)\n\n* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)\n\n* kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)\n\n* kernel: mm\/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)\n\n* kernel: net\/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (CVE-2024-26858)\n\n* kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)\n\n* kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)\n\n* kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)\n\n* kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)\n\n* kernel: lib\/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543)\n\n* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)\n\n* kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593)\n\n* kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)\n\n* kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957)\n\n* kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","solution":null,"affectedProducts":["Rocky Linux 9"],"fixes":[{"ticket":"2267509","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2267509","description":""},{"ticket":"2273082","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2273082","description":""},{"ticket":"2273466","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2273466","description":""},{"ticket":"2275735","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2275735","description":""},{"ticket":"2277238","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2277238","description":""},{"ticket":"2280434","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2280434","description":""},{"ticket":"2281131","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2281131","description":""},{"ticket":"2281925","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2281925","description":""},{"ticket":"2283401","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2283401","description":""},{"ticket":"2284541","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2284541","description":""},{"ticket":"2284581","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2284581","description":""},{"ticket":"2293230","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2293230","description":""},{"ticket":"2293380","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2293380","description":""},{"ticket":"2293402","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2293402","description":""},{"ticket":"2293456","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2293456","description":""},{"ticket":"2293653","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2293653","description":""},{"ticket":"2294225","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2294225","description":""}],"cves":[{"name":"CVE-2021-47548","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-47548","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2021-47596","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-47596","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2022-48627","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-48627","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2023-52638","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-52638","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-26783","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-26783","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-26858","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-26858","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-27397","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-27397","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-27435","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-27435","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-35958","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-35958","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-36270","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-36270","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-36886","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-36886","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-36904","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-36904","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-36957","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-36957","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-38543","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-38543","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-38586","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-38586","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-38593","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-38593","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"},{"name":"CVE-2024-38663","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-38663","cvss3ScoringVector":"UNKNOWN","cvss3BaseScore":"UNKNOWN","cwe":"UNKNOWN"}],"references":[],"publishedAt":"2024-07-26T12:33:50.717957Z","rpms":{"Rocky Linux 9":{"nvras":["bpftool-0:7.3.0-427.26.1.el9_4.aarch64.rpm","bpftool-0:7.3.0-427.26.1.el9_4.ppc64le.rpm","bpftool-0:7.3.0-427.26.1.el9_4.s390x.rpm","bpftool-0:7.3.0-427.26.1.el9_4.x86_64.rpm","bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.aarch64.rpm","bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.ppc64le.rpm","bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.s390x.rpm","bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.x86_64.rpm","kernel-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-0:5.14.0-427.26.1.el9_4.src.rpm","kernel-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-64k-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-debug-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-64k-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-abi-stablelists-0:5.14.0-427.26.1.el9_4.noarch.rpm","kernel-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-core-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-cross-headers-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-cross-headers-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-cross-headers-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-cross-headers-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-core-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-devel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-devel-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-modules-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-modules-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-debug-uki-virt-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-devel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-devel-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-devel-matched-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-devel-matched-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-devel-matched-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-doc-0:5.14.0-427.26.1.el9_4.noarch.rpm","kernel-headers-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-headers-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-headers-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-headers-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-modules-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-modules-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-modules-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-modules-core-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-modules-extra-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-modules-extra-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-kvm-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-debug-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-kvm-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-rt-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-tools-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-tools-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-tools-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-tools-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-tools-libs-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-tools-libs-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-tools-libs-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-tools-libs-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm","kernel-tools-libs-devel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","kernel-tools-libs-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-uki-virt-0:5.14.0-427.26.1.el9_4.x86_64.rpm","kernel-zfcpdump-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-zfcpdump-core-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-zfcpdump-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-zfcpdump-devel-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-zfcpdump-devel-matched-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-zfcpdump-modules-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-zfcpdump-modules-core-0:5.14.0-427.26.1.el9_4.s390x.rpm","kernel-zfcpdump-modules-extra-0:5.14.0-427.26.1.el9_4.s390x.rpm","libperf-0:5.14.0-427.26.1.el9_4.aarch64.rpm","libperf-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","libperf-0:5.14.0-427.26.1.el9_4.s390x.rpm","libperf-0:5.14.0-427.26.1.el9_4.x86_64.rpm","libperf-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","libperf-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","libperf-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm","libperf-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","perf-0:5.14.0-427.26.1.el9_4.aarch64.rpm","perf-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","perf-0:5.14.0-427.26.1.el9_4.s390x.rpm","perf-0:5.14.0-427.26.1.el9_4.x86_64.rpm","perf-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","perf-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","perf-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm","perf-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","python3-perf-0:5.14.0-427.26.1.el9_4.aarch64.rpm","python3-perf-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","python3-perf-0:5.14.0-427.26.1.el9_4.s390x.rpm","python3-perf-0:5.14.0-427.26.1.el9_4.x86_64.rpm","python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm","python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm","python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm","rtla-0:5.14.0-427.26.1.el9_4.aarch64.rpm","rtla-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","rtla-0:5.14.0-427.26.1.el9_4.s390x.rpm","rtla-0:5.14.0-427.26.1.el9_4.x86_64.rpm","rv-0:5.14.0-427.26.1.el9_4.aarch64.rpm","rv-0:5.14.0-427.26.1.el9_4.ppc64le.rpm","rv-0:5.14.0-427.26.1.el9_4.s390x.rpm","rv-0:5.14.0-427.26.1.el9_4.x86_64.rpm"]}},"rebootSuggested":false,"buildReferences":[]}

Rocky Linux: RLSA-2024:4583 kernel security update Security Advisories Updates

July 26, 2024
An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Summary

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886) * kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548) * kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596) * kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627) * kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638) * kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783) * kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (CVE-2024-26858) * kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397) * kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435) * kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958) * kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904) * kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543) * kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586) * kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593) * kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270) * kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957) * kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

RPMs

bpftool-0:7.3.0-427.26.1.el9_4.aarch64.rpm

bpftool-0:7.3.0-427.26.1.el9_4.ppc64le.rpm

bpftool-0:7.3.0-427.26.1.el9_4.s390x.rpm

bpftool-0:7.3.0-427.26.1.el9_4.x86_64.rpm

bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.aarch64.rpm

bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.ppc64le.rpm

bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.s390x.rpm

bpftool-debuginfo-0:7.3.0-427.26.1.el9_4.x86_64.rpm

kernel-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-0:5.14.0-427.26.1.el9_4.src.rpm

kernel-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-64k-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-debug-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-64k-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-abi-stablelists-0:5.14.0-427.26.1.el9_4.noarch.rpm

kernel-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-core-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-cross-headers-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-cross-headers-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-cross-headers-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-cross-headers-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-core-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-devel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-devel-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-devel-matched-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-modules-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-modules-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-debug-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-debug-uki-virt-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-devel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-devel-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-devel-matched-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-devel-matched-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-devel-matched-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-devel-matched-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-doc-0:5.14.0-427.26.1.el9_4.noarch.rpm

kernel-headers-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-headers-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-headers-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-headers-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-modules-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-modules-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-modules-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-modules-core-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-modules-core-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-modules-core-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-modules-extra-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-modules-extra-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-modules-extra-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-kvm-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-kvm-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-modules-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-modules-core-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-rt-modules-extra-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-tools-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-tools-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-tools-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-tools-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-tools-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-tools-libs-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-tools-libs-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-tools-libs-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-tools-libs-devel-0:5.14.0-427.26.1.el9_4.aarch64.rpm

kernel-tools-libs-devel-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

kernel-tools-libs-devel-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-uki-virt-0:5.14.0-427.26.1.el9_4.x86_64.rpm

kernel-zfcpdump-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-zfcpdump-core-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-zfcpdump-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-zfcpdump-devel-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-zfcpdump-devel-matched-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-zfcpdump-modules-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-zfcpdump-modules-core-0:5.14.0-427.26.1.el9_4.s390x.rpm

kernel-zfcpdump-modules-extra-0:5.14.0-427.26.1.el9_4.s390x.rpm

libperf-0:5.14.0-427.26.1.el9_4.aarch64.rpm

libperf-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

libperf-0:5.14.0-427.26.1.el9_4.s390x.rpm

libperf-0:5.14.0-427.26.1.el9_4.x86_64.rpm

libperf-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

libperf-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

libperf-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm

libperf-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

perf-0:5.14.0-427.26.1.el9_4.aarch64.rpm

perf-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

perf-0:5.14.0-427.26.1.el9_4.s390x.rpm

perf-0:5.14.0-427.26.1.el9_4.x86_64.rpm

perf-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

perf-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

perf-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm

perf-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

python3-perf-0:5.14.0-427.26.1.el9_4.aarch64.rpm

python3-perf-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

python3-perf-0:5.14.0-427.26.1.el9_4.s390x.rpm

python3-perf-0:5.14.0-427.26.1.el9_4.x86_64.rpm

python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.aarch64.rpm

python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.s390x.rpm

python3-perf-debuginfo-0:5.14.0-427.26.1.el9_4.x86_64.rpm

rtla-0:5.14.0-427.26.1.el9_4.aarch64.rpm

rtla-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

rtla-0:5.14.0-427.26.1.el9_4.s390x.rpm

rtla-0:5.14.0-427.26.1.el9_4.x86_64.rpm

rv-0:5.14.0-427.26.1.el9_4.aarch64.rpm

rv-0:5.14.0-427.26.1.el9_4.ppc64le.rpm

rv-0:5.14.0-427.26.1.el9_4.s390x.rpm

rv-0:5.14.0-427.26.1.el9_4.x86_64.rpm

References

No References

CVEs

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47548

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47596

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48627

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52638

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26783

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26858

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27397

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27435

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35958

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36270

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36886

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36904

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36957

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38543

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38586

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38593

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38663

Severity
Name: RLSA-2024:4583
Affected Products: Rocky Linux 9

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2267509

https://bugzilla.redhat.com/show_bug.cgi?id=2273082

https://bugzilla.redhat.com/show_bug.cgi?id=2273466

https://bugzilla.redhat.com/show_bug.cgi?id=2275735

https://bugzilla.redhat.com/show_bug.cgi?id=2277238

https://bugzilla.redhat.com/show_bug.cgi?id=2280434

https://bugzilla.redhat.com/show_bug.cgi?id=2281131

https://bugzilla.redhat.com/show_bug.cgi?id=2281925

https://bugzilla.redhat.com/show_bug.cgi?id=2283401

https://bugzilla.redhat.com/show_bug.cgi?id=2284541

https://bugzilla.redhat.com/show_bug.cgi?id=2284581

https://bugzilla.redhat.com/show_bug.cgi?id=2293230

https://bugzilla.redhat.com/show_bug.cgi?id=2293380

https://bugzilla.redhat.com/show_bug.cgi?id=2293402

https://bugzilla.redhat.com/show_bug.cgi?id=2293456

https://bugzilla.redhat.com/show_bug.cgi?id=2293653

https://bugzilla.redhat.com/show_bug.cgi?id=2294225


Related News

Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
2 - 4 min read
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved